back to article Ransomware severs 1,000 ships from on-shore servers

A Norwegian maritime risk management business is getting a lesson in that very area, after a ransomware attack forced its ShipManager software offline and left 1,000 ships without a connection to on-shore servers.  DNV said the attack happened on January 7, and updated its report yesterday to say it involved ransomware – but …

  1. tmTM

    Lax Security

    Anyone is a popular target if your security is lax.

    These people aren't stupid, they are actively looking for decent sized operations that don't take cyber threats seriously.

    1. I Am Spartacus

      Re: Lax Security

      Beg to differ. Some of these people are monumentally, criminally stupid. And the cargoes they work with do not take kindly to being maltreated.

  2. Dave559

    They'll need an appropriate specialist to sort this out… I wonder if they have called Sandra Bullock yet?

  3. Pascal Monett Silver badge
    Holmes

    "if it planned to pay them"

    The answer should be NO.

    The only reason these attacks continue are because these assholes are getting paid. Stop paying and the problem goes away.

    Yes, your company might fold in the meantime. It's called the Greater Good.

    And, next time, train your personnel better.

    1. Graham Cobb Silver badge

      Re: "if it planned to pay them"

      Not a useful suggestion.

      People still pay ransoms in (people) kidnapping cases. Those cases get much more focus from law enforcement, and the person kidnapped also has their own intelligence to use to protect themselves.

      It is obvious that corporate asset "kidnapping" will always be many orders of magnitude more prevalent than kidnapping people and many more ransoms will be paid.

      The answer isn't vague instructions to "not pay" in the vain hope the bad guys will decide it isn't worth it. The answer is investment in proper security so that you are not an easy target and/or won't have much you have to pay for.

      1. Lil Endian

        Re: "if it planned to pay them"

        False analogue.

        A person cannot be kidnapped remotely[1], physical presence is required. Ergo jurisdiction is clear and law enforcement can act effectively.

        [1] Unless you hack their Tesla while they're in it :D

    2. Roland6 Silver badge

      Re: "if it planned to pay them"

      >The only reason these attacks continue are because these assholes are getting paid. Stop paying and the problem goes away.

      The problem might go away if we simply turned a blind eye to events in the Ukraine...

      Just saying they haven't ruled out a state player being behind this attack...

    3. Cynical Pie

      Re: "if it planned to pay them"

      Except it isnt always that simple is it but then you know that.

      A primary school I work with suffered a ransomware attack that had sweet FA to do with users so the training element is meaningless and the school had implemented all reasonable and expected security measures. I assume that was their fault?

      I assume you will happily lose your business and livelihood for the greater good?

    4. unbender

      Re: "if it planned to pay them"

      The only reason these things continue is that there are gateways between real banks and Crypto-currencies. Without an untraceable way of collecting the loot Ransomware would not be a thing.

    5. stiine Silver badge

      Re: "if it planned to pay them"

      Any reason you negelected to say 'spend money on security? Just training employees isn't going to resolve this problem.

  4. s. pam
    Pirate

    Aye me buckos

    there be dangerous hacker types in them there waters!

  5. First Light

    Just what we need

    to increase the cost of living even more with higher expenses for transpo cyber security. It will get passed on to us.

    The Maersk attack was massively successful, IIRC their proprietary software was still intact at only one office in the world, where the power had gone out before the attack happened. Otherwise they would have lost everything.

    1. Screepy

      Re: Just what we need

      Yes, it was an office in Ghana that had the single surviving DC

      The Maersk story is a great read..

      https://www.industrialcybersecuritypulse.com/threats-vulnerabilities/throwback-attack-how-notpetya-accidentally-took-down-global-shipping-giant-maersk

  6. Grunchy Silver badge

    Peasants Quest

    Somebody found a shareware preview of Peasants Quest on a CD-rom in an old magazine, and >boom< it’s a run-away 1994 ransomware pandemic, all because some yokel put it on internets. Everybody thought it was safe to thrown away their windows xp antivirus & whoopsie!

    https://youtu.be/xixgDV_9RJI

  7. CheesyTheClown

    DaVinci Virus?

    I'm pretty sure this is the DaVinci Virus and it will likely eventually cause the ballast in the ships to ship and the little boats will flip over unless a million dollars is deposited into a specific numbered account.

    I recommend you they track down a hacker named "The Plague"

  8. Anonymous Coward
    Anonymous Coward

    If Only.......

    ShipManager is a software platform that its developer said is designed to manage entire marine fleets. It includes modules for managing maintenance, crew, hull integrity and other aspects of overseeing a fleet of shipping vessels.

    If only the Tittanic has such useful software, then it have been able to manage its Hull Integrity malfunction much better.

    I'd always thought the proper management of hull integrity required watertight compartments and doors, and a well trained crew. Seems it needs software these days. No doubt there's an app for that, with pretty icons and pictures, as long as the subscription is up to date.

    1. John Brown (no body) Silver badge

      Re: If Only.......

      The fact that so many separate companies are involved tells us that there are clouds at sea too. Part of the problem is "cloud". If they sold the s/w to the shipping companies who then ran it on their own servers, then a single hack on the s/w would not result in 100's of companies and 1000's of ships being affected. But no, these days it's all about rent-seeking and being the next billionaire while becoming an ever increasingly large and lucrative target.

  9. I Am Spartacus
    Mushroom

    Hate to say I told you so, but....

    I wanred a major ship owner about this risk many years ago. I spoke at conferences about the need for rigourous cyber security. Needless to say I ws ignored. Comments like: Just trying to spend more of the companies money; its not necessary - no-one would hack us; No-one even knows about us. much less cares, so we are safe.

    I even wrote a movie plot about it (it was a disaster movie, not a romcom!).

    This has been an accident waiting to happen. I did hope that following the Maersk hacking incident in 2017 that the industry would sit up and take notice. But no. Easier to pretend it won't happen to you.

    DUE DILIGENCE: I worked in shipping for 20 years as a business transformation manager, sitting between the business and the IT team.

    1. Anonymous Coward
      Anonymous Coward

      Re: Hate to say I told you so, but....

      i have a passing interest in this kinda thing, did my degree in marine studies and masters in international shipping, then worked in a shipyard before going in to IT 25 years ago. Plymouth Uni do quite a bit around maritime cyber security https://www.plymouth.ac.uk/research/cyber-ship-lab

  10. elawyn
    Joke

    Did you know...

    The Norwegian Navy paints barcodes on the sides of their ships?

    So that when they return to port, the harbormaster can Scandinavian!

    1. Lil Endian
      Pint

      Re: Did you know...

      OMG you've done my Sweden!

      [Edit to add, an El Reg relevant example on Urban Dictionary just made me LOL!]

    2. John Brown (no body) Silver badge
      Thumb Up

      Re: Did you know...

      Holy crap! That's worthy of The Beano jokes page :-)

  11. Paul Hovnanian Silver badge

    Time to ...

    ... get the sextant out.

  12. John Brown (no body) Silver badge
    FAIL

    Numbers?

    "ransomware attacks against the shipping and transportation sector had doubled from the second to the third quarter of 2022."

    So, there was one in Q2 and two in Q3? Yeah, I followed the link and it was entirely percentages. Not an actual real number in sight. Lots of high percentage increases but with no baseline real numbers, utterly meaningless.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like